randomkeygen.com | Random Key Generator | Generator Utils library

I am upgrading an application from CodeIgniter 2.2.1 to 3.1.8. The application authenticates users and saves the authentication state in a session, and after upgrading that has broken such that users can no longer log in. I'm running PHP Version 7.1.12 via PHP-FPM on nginx, on a Linux virtual machine.

I've spent the best part of 1.5 days trying to get to the bottom of this. As best I can tell it boils down to PHP not reading the session ID that is sent in by the browser via cookie, and creating a new session (and session ID) for each request. I can tell this from the fact that the ci_session value from the request cookie is different from the ci_session value in the corresponding response cookie (as display in Firefox devtools), as well as the fact that a new file is created each time. (I have configured CodeIgniter to use the files driver.)

In attempting to debug, if I log the value of session_id() before the call to session_start() (in /system/libraries/Session/Session.php, line 143), I just see a blank string. Immediately afterwards, I see the same new session ID that Firefox shows in the response cookie.

I've read fairly extensively through:

• the CI3 upgrade guide
• the PHP session documentation
• Stackoverflow and other Google results

and tried the following remedies to no avail:

• set PHP error_reporting to E_ALL and check the PHP error log for any messages e.g. relating to headers already having been output
• changed the value of $config['encryption_key'] to a random 32-character string copied from the CodeIgniter section of http://randomkeygen.com/
• changed the value of $config['sess_cookie_name'] to a string consisting solely of lower-case alphanumeric characters
• made sure that session files are indeed being created in the $config['sess_save_path'] directory, with the correct IDs and information
• tried setting $config['cookie_domain'] to .domainname.tld (and also just '')
• jumped straight to CI 3.1.8 (I originally upgraded to 3.0.0 and was planning on going through the upgrade instructions for each release up to 3.1.8. I haven't done that yet, instead I have just replaced the /system folder with the 3.1.8 version).

Below I've pasted what I believe are all the relevant settings from CI and from PHP. Clearly I am missing something, quite possibly something really basic. How can I diagnose further/fix?

CodeIgniter settings